FKIE_CVE-2021-47425

Vulnerability from fkie_nvd - Published: 2024-05-21 15:15 - Updated: 2025-09-23 20:18
Severity ?
5.5 (Medium) - CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
Summary
In the Linux kernel, the following vulnerability has been resolved: i2c: acpi: fix resource leak in reconfiguration device addition acpi_i2c_find_adapter_by_handle() calls bus_find_device() which takes a reference on the adapter which is never released which will result in a reference count leak and render the adapter unremovable. Make sure to put the adapter after creating the client in the same manner that we do for OF. [wsa: fixed title]
References
416baaa9-dc9f-4396-8d5f-8c081fb06d67https://git.kernel.org/stable/c/3d9d458a8aaafa47268ea4f1b4114a9f12927989Patch
416baaa9-dc9f-4396-8d5f-8c081fb06d67https://git.kernel.org/stable/c/60bacf259e8c2eb2324f3e13275200baaee9494bPatch
416baaa9-dc9f-4396-8d5f-8c081fb06d67https://git.kernel.org/stable/c/6558b646ce1c2a872fe1c2c7cb116f05a2c1950fPatch
416baaa9-dc9f-4396-8d5f-8c081fb06d67https://git.kernel.org/stable/c/90f1077c9184ec2ae9989e4642f211263f301694Patch
416baaa9-dc9f-4396-8d5f-8c081fb06d67https://git.kernel.org/stable/c/b8090a84d7758b929d348bafbd86bb7a10c5fb63Patch
416baaa9-dc9f-4396-8d5f-8c081fb06d67https://git.kernel.org/stable/c/f86de018fd7a24ee07372d55ffa7824f0c674a95Patch
af854a3a-2127-422b-91ae-364da2661108https://git.kernel.org/stable/c/3d9d458a8aaafa47268ea4f1b4114a9f12927989Patch
af854a3a-2127-422b-91ae-364da2661108https://git.kernel.org/stable/c/60bacf259e8c2eb2324f3e13275200baaee9494bPatch
af854a3a-2127-422b-91ae-364da2661108https://git.kernel.org/stable/c/6558b646ce1c2a872fe1c2c7cb116f05a2c1950fPatch
af854a3a-2127-422b-91ae-364da2661108https://git.kernel.org/stable/c/90f1077c9184ec2ae9989e4642f211263f301694Patch
af854a3a-2127-422b-91ae-364da2661108https://git.kernel.org/stable/c/b8090a84d7758b929d348bafbd86bb7a10c5fb63Patch
af854a3a-2127-422b-91ae-364da2661108https://git.kernel.org/stable/c/f86de018fd7a24ee07372d55ffa7824f0c674a95Patch
Impacted products
Vendor Product Version
linux linux_kernel *
linux linux_kernel *
linux linux_kernel *
linux linux_kernel *
linux linux_kernel *
linux linux_kernel 5.15
linux linux_kernel 5.15
linux linux_kernel 5.15
linux linux_kernel 5.15
To clipboard 

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "98755D02-BCE1-46F5-A29B-8A0526299A18",
              "versionEndExcluding": "4.14.251",
              "versionStartIncluding": "4.8",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "19F2BDAE-0E29-4C98-A02A-4DA148685995",
              "versionEndExcluding": "4.19.211",
              "versionStartIncluding": "4.15",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "99815E71-6131-41A5-B309-1917CBBDF09C",
              "versionEndExcluding": "5.4.153",
              "versionStartIncluding": "4.20",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "83DBC258-8513-4ECB-A55E-57E743405733",
              "versionEndExcluding": "5.10.73",
              "versionStartIncluding": "5.5",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "20EB962C-32DC-448F-A900-BCF9A726F9EB",
              "versionEndExcluding": "5.14.12",
              "versionStartIncluding": "5.11",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:linux:linux_kernel:5.15:rc1:*:*:*:*:*:*",
              "matchCriteriaId": "E46C74C6-B76B-4C94-A6A4-FD2FFF62D644",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:linux:linux_kernel:5.15:rc2:*:*:*:*:*:*",
              "matchCriteriaId": "60134C3A-06E4-48C1-B04F-2903732A4E56",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:linux:linux_kernel:5.15:rc3:*:*:*:*:*:*",
              "matchCriteriaId": "0460DA88-8FE1-46A2-9DDA-1F1ABA552E71",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:linux:linux_kernel:5.15:rc4:*:*:*:*:*:*",
              "matchCriteriaId": "AF55383D-4DF2-45DC-93F7-571F4F978EAB",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "In the Linux kernel, the following vulnerability has been resolved:\n\ni2c: acpi: fix resource leak in reconfiguration device addition\n\nacpi_i2c_find_adapter_by_handle() calls bus_find_device() which takes a\nreference on the adapter which is never released which will result in a\nreference count leak and render the adapter unremovable.  Make sure to\nput the adapter after creating the client in the same manner that we do\nfor OF.\n\n[wsa: fixed title]"
    },
    {
      "lang": "es",
      "value": " En el kernel de Linux, se resolvi\u00f3 la siguiente vulnerabilidad: i2c: acpi: corrige la fuga de recursos en la reconfiguraci\u00f3n del dispositivo a\u00f1dido acpi_i2c_find_adapter_by_handle() llama a bus_find_device() que toma una referencia en el adaptador que nunca se libera, lo que resultar\u00e1 en una fuga de recuento de referencias y haga que el adaptador no sea extra\u00edble. Aseg\u00farese de colocar el adaptador despu\u00e9s de crear el cliente de la misma manera que lo hacemos para OF. [wsa: t\u00edtulo fijo]"
    }
  ],
  "id": "CVE-2021-47425",
  "lastModified": "2025-09-23T20:18:04.767",
  "metrics": {
    "cvssMetricV31": [
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "LOCAL",
          "availabilityImpact": "HIGH",
          "baseScore": 5.5,
          "baseSeverity": "MEDIUM",
          "confidentialityImpact": "NONE",
          "integrityImpact": "NONE",
          "privilegesRequired": "LOW",
          "scope": "UNCHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
          "version": "3.1"
        },
        "exploitabilityScore": 1.8,
        "impactScore": 3.6,
        "source": "nvd@nist.gov",
        "type": "Primary"
      }
    ]
  },
  "published": "2024-05-21T15:15:27.930",
  "references": [
    {
      "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
      "tags": [
        "Patch"
      ],
      "url": "https://git.kernel.org/stable/c/3d9d458a8aaafa47268ea4f1b4114a9f12927989"
    },
    {
      "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
      "tags": [
        "Patch"
      ],
      "url": "https://git.kernel.org/stable/c/60bacf259e8c2eb2324f3e13275200baaee9494b"
    },
    {
      "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
      "tags": [
        "Patch"
      ],
      "url": "https://git.kernel.org/stable/c/6558b646ce1c2a872fe1c2c7cb116f05a2c1950f"
    },
    {
      "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
      "tags": [
        "Patch"
      ],
      "url": "https://git.kernel.org/stable/c/90f1077c9184ec2ae9989e4642f211263f301694"
    },
    {
      "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
      "tags": [
        "Patch"
      ],
      "url": "https://git.kernel.org/stable/c/b8090a84d7758b929d348bafbd86bb7a10c5fb63"
    },
    {
      "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
      "tags": [
        "Patch"
      ],
      "url": "https://git.kernel.org/stable/c/f86de018fd7a24ee07372d55ffa7824f0c674a95"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch"
      ],
      "url": "https://git.kernel.org/stable/c/3d9d458a8aaafa47268ea4f1b4114a9f12927989"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch"
      ],
      "url": "https://git.kernel.org/stable/c/60bacf259e8c2eb2324f3e13275200baaee9494b"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch"
      ],
      "url": "https://git.kernel.org/stable/c/6558b646ce1c2a872fe1c2c7cb116f05a2c1950f"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch"
      ],
      "url": "https://git.kernel.org/stable/c/90f1077c9184ec2ae9989e4642f211263f301694"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch"
      ],
      "url": "https://git.kernel.org/stable/c/b8090a84d7758b929d348bafbd86bb7a10c5fb63"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch"
      ],
      "url": "https://git.kernel.org/stable/c/f86de018fd7a24ee07372d55ffa7824f0c674a95"
    }
  ],
  "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
  "vulnStatus": "Analyzed",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-401"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}


Log in or create an account to share your comment.




Tags
Taxonomy of the tags.




Sightings

Author Source Type Date

Nomenclature

  • Seen: The vulnerability was mentioned, discussed, or observed by the user.
  • Confirmed: The vulnerability has been validated from an analyst's perspective.
  • Published Proof of Concept: A public proof of concept is available for this vulnerability.
  • Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
  • Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
  • Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
  • Not confirmed: The user expressed doubt about the validity of the vulnerability.
  • Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.



Detection rules are retrieved from Rulezet.